Application Pentesting


Simulated cyber-attacks designed to evaluate the security of your web and mobile applications

We attempt to exploit web apps, APIs & mobile apps using the same tools and techniques that attackers do.

Our highly experienced penetration testers analyze applications uncovering weaknesses and flaws before attackers do so that they can be rectified - providing you with the assurance you need.

After our assessment, you'll be equipped with the corrective actions needed to demonstrate to regulators, third parties, and customers your commitment to securing your application against the highest industry standards.


Uncover Application Vulnerabilities using Automated & Manual Testing

Our highly skilled, innovative and experienced testers provide a unique OWASP assessments tailored to discover both application weakness and business logic flaws by combining an arsenal of tools as well as insights-driven testing techniques.


Broken Authentication

Sensitive Data Exposure

Broken Access Control


Cross-Site Scripting

Insecure Deserialization

Vulnerable Components

Insufficient Logging and Monitoring

XML external entities

Stories & Resources

Application Security Stories & Resources

Here’s what we've been up to recently.


Hacking GraphQL by exploiting common weaknesses

ASEC is actively researching GraphQL vulnerabilities and weaknesses both at the spec and library implementation level.


Deep Dive into the Top 10 Mobile Application Vulnerabilities

ASEC provides a detailed walkthrough into today's top mobile application risks and how you can avoid them


Embedding Continuous Security Testing in your Pipeline

Learn how to catch application vulnerabilities sooner by implementing continuous security testing in your delivery model

Community is everything.

For over 8 years we've cultivated and supported some of Toronto's local security communities. We believe giving back and investing in the future generations of information security is a must.

Learn about our Intern & Education Program

Ready to start hacking?

We're here to help you identify and address risks and accelerate your proactive security journey.

Let's Go

This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find our more about the cookies we use, see our Privacy Statement.

If you decline, your information won't be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.